In the first half of 2019, analysts at computer security firm Risk Based Security (RBS) enumerated a total of 11,092 flaws in computer systems (known as vulnerabilities) that could be exploited by a hacker to take unauthorized actions in another person’s or organization’s system.
CITL researchers studied publicly available firmware images and evaluated them for the presence of standard security features such as the use of non-executable stacks, Address Space Layout Randomization (ASLR) and stack guards, which prevent buffer overflow attacks.
Amazon said this week its facial recognition software can detect a person's fear.The tech giant revealed updates to the controversial tool on Monday that include improving the accuracy and functionality of its face analysis features such as identifying gender, emotions and age range.
In the German independent research institute’s May/June 2019 ‘best antivirus software for Windows Home Users’ report, Windows Defender is one of four products to receive perfect 6 out of 6 scores in the protection, performance, and usability categories.
Millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google's own security research team.Android is a thriving open-source community, which is great for innovation but not so great when threat actors seize the opportunity to hide malware in basic software loads that come on boxed devices.
Apple plans to restrict how apps implement internet voice call functionality, which currently could allow mobile software to collect data while running in the background, according to a new report from The Information.
As Patrick Wardle, principal security researcher at Jamf that found several issues in macOS, told Forbes: "If you're a large, well-resourced company such as Apple, who claims to place a premium on security, having a bug-bounty program is a no brainer."
Apple says it will review the process that it uses, called grading, to determine whether Siri is hearing queries correctly, or being invoked by mistake. The Guardian story from Alex Hern quoted extensively from a contractor at a firm hired by Apple to perform part of a Siri quality control process it calls grading.
The discovery was made by security researcher Sam Jadali, who told me at the time that Google’s Manifest V3 does not solve this specific problem: “It has some improvements however it explicitly states that server communication (potentially changing extension behavior) will still be allowed.
CVE-2019-9849 : This vulnerability, which you can fix by installing the latest available update, could allow the inclusion of remote arbitrary content within a document even when 'stealth mode' is enabled.
A Bloomberg article last year gave some details of how the Los Angeles Police Department uses Palantir’s Gotham product for Operation Laser, a program to identify and deter people likely to commit crimes: Information from rap sheets, parole reports, police interviews, and other sources is fed into the system to generate a list of people the department defines as chronic offenders, says Craig Uchida, whose consulting firm, Justice & Security Strategies Inc., designed the Laser system.
Google in May unveiled new features it said would help users protect more of their data, including storing more of it on personal devices rather than in cloud computing centers, and giving people more control over how and when tracking software, or cookies, is deployed.
Self-driving cars or armed autonomous military robots may make use of the same technologies. In a certain sense, we as software developers are helping to build and shape the future. What does the future look like and are we helping build the right one?
People worldwide are encountering cyberattacks like getting their computers infected by malware and letting others access their webcams or microphones. With a malicious code a hacker can easily control your computer and perform many different actions like access your webcam.
Despite some pushback from some lawmakers on the committee, John Wagner of the U.S. Customs and Border Protection (CBP), Austin Gould of the Transportation Security Administration (TSA), Joseph DiPietro of the Secret Service, and Charles Romine from the National Institute of Standards and Technology (NIST) argued that face recognition and biometric surveillance is safe, regulated, and essential for the purposes of keeping airports and U.S. borders secure.
Basic malware will run as a process on your computer without you noticing (until, that is, pictures from your webcam appear on the internet). One more tell-tale sign that your webcam has been hacked is if the security settings for it are a bit screwy.
Potential customers of the Israeli company NSO's hacking software have allegedly been told that the technology can now "surreptitiously scrape all of an individual's data from the servers of Apple, Google, Facebook, Amazon and Microsoft".
Ars Technica reporter Dan Goodin brings the news of a major new privacy failure recently unearthed by security researchers: widely used Chrome and Firefox browser extensions scraped and sold the data of more than 4.1 million people, until the researcher alerted Google and Mozilla.
Apple is facing a new security threat, thanks to developments in the spyware/surveillance tool sold by the Israeli firm NSO Group. Via the Financial Times, the Pegasus phone software now not only harvests data from the user’s onboard storage, but also all communications with the connected cloud.
"These apps are highly unethical and problematic for people's privacy and shouldn't be on the Google Play Store, as they promote criminal behavior, and can be abused by employers, stalkers or abusive partners to spy on their victims," Nikolaos Chrysaidos, Avast's head of mobile threat intelligence and security, said in a statement.
This also means F-Droid won’t allow oppression or harassment to happen at its communication channels, including its forum. We believe platforms like F-Droid’s repository or fediverse instances must be moderated in order to prevent oppression and harassment to flourish.
But other agencies across the country have, including the San Mateo County Sheriff's Office, which scans its mugshot database with facial recognition software, according to a report by Oakland police.
The discussion surrounding the future of facial recognition is expected to continue Tuesday night in Oakland, about two months after San Francisco became the first U.S. city to outlaw the technology. San Francisco supervisors this week passed legislation that would ban the use of facial recognition technology by law enforcement agencies and other city departments.
The technology company pays "language experts" around the world to listen to and transcribe audio recordings made by users. Temporary workers, supplied by contractors, are sent audio recordings to transcribe so that Google can improve its services for people who speak in different accents and languages.
Anti-virus software researchers report that thousands of people, mostly women, have “stalkerware” apps hidden on their phones — surreptitiously installed by their partners — that give the stalker access to the victim’s email, location, SMS, social media messages and even live feeds from their device cameras or microphones.
The advert heavily suggested the monitoring could be done without the subject's consent; it is illegal to use spyware in this way in the U.S. The news shows how companies selling consumer spyware —sometimes known as stalker- or spouseware due to who it is used by and against—leverage platforms to try and get more customers.
Egelman added that the workings of these apps often made the deception obvious to researchers: “There are many apps that we observed which try to access the data the right way through the Android API, and then, failing that, try and pull it off the file system.”.